A data security attack has been reported, exposing the detail that several NHS staff’s personal information have been stolen.
Hackers raided the system of IT company Landauer and copied the Names, dates of birth, radiation doses and national insurance numbers of the medical staff who worked with X-rays.
However, the health boards claim that the data breach has not affected any patient.
Andrea Hague, director Velindre Cancer Services said that the 530 staff members of NHS trust have become a victim of the attack.
“Landauer has indicated that the breach was made on one of its UK servers, directly impacting on the Radiation Protection Service (RPS), a facility run by the Velindre Cancer Centre,” Andrea said.
“The RPS provides a radiation dose monitoring service to a number of organizations, including health boards in Wales.
“Notification of the data breach was received by the Trust on January 17 this year, but it is understood that the actual incident happened in October 2016,” she said.
Andrea explained the ongoing discussion with the host company as a cause of delayed notification of the incident.
“We understand how much importance people and companies place on the security of personal information and, while this breach is not within Velindre’s own managed systems, this serious incident is, nonetheless, deeply disappointing.”
About 654 staff members compromised personal data at Betsi Cadwaladr University Health Board and also several individuals who are working as NHS staff in England and Scotland and people working for private dentists and vets.
“We have contacted all the staff affected to reassure them that Landauer has acted swiftly to secure its servers and that, since the attack, it has undertaken significant measures in connection with its UK IT network to ensure that no further information can be compromised,” A spokesperson for Betsi Cadwaladr University Health Board said.
“Landauer has also arranged for the staff affected to have free access to the credit monitoring agency Experian for the next 24 months.
“We are also working closely with our Information Governance department and the Information Commissioner’s Office to ensure that the actions we have taken are in line with our requirements under the Data Protection Act 1998.”
A spokesperson for Welsh government said that we are aware of the incident and looking forward to the complete details of the investigation and outcome.
“This is an incident in a large global company holding data on individuals in many countries around the world,” he said.
“This problem affects individuals in England and Scotland also. NHS staff have been made aware of the situation and appropriate measures have been put in place to support them.”
Share this article
About the Author
Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.
More from Zehra AliRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...
